I ran into this as well, I have a script that I needed to run as root
from apache. By default the version of apache I use runs as the user apache and
I tried running i as root but there are issues when doing so. The way I got
around this was I kept running apache as the user apache. I then enabled rsh
on the server only from the user "apache" and only from the machine "localhost".
( I am using RedHat which uses xinetd.d instead of inetd. I am not sure which
Suse uses.) To enable rsh to root as the user apache I edited roots .rhosts
file and I added the line
127.0.0.1 apache
I then had to add the line
rsh
to the file
/etc/securetty
I then had to edit /etc/xinetd.d/rsh to enable rsh then restart xinetd by
running
service xinetd restart
I think in Suse you will have to edit /etc/inetd.conf and run
service inetd restart ( not sure ).
Anyway, from the perl script that I was running from the web browser I made a
system call out to another script but I did it through rsh, like this
system("rsh -l root localhost /var/www/cgi-bin/scriptname");
I think that is pretty much all I had to do. Be careful and test that rsh
works only from localhost and only as the user "apache". Also, if you want to
pass any parameters to the new script you are running as root be careful. If
it is sensative information ( like a user's password in my case ) the rsh line
you run appears in a log file, I believe it was either
/var/log/messages or /var/log/httpd/access_log
I ended up writing the info I wanted to pass to a file and handed that filename
to the new script then the new script retrieved the data and deleted the file.
Apache does let you run as what is called "suexec" but I read in the their
documentation that it will not let you do so as root at this time ( I bet they
are worried about being hacked. ) Make sure the script are going to run is
torture tested so it cannot be hacked. If so you are letting a potential
unknown user run a script as root.
Quoting Csillag Zsolt <starsoft@interware.hu>:
>
> Hi!
>
> I'm developing a cgi application. I don't want to tell the whole story,
> in
> brief the
> cgi works from command line and not from the web browser.
>
> I've tried everything, my last try is to run Apache with root (currently
> is
> running with wwwrun user)
>
> I use Suse 7.1
>
> Can you help me?
>
> When I modify httpd.conf to root I get an error message.
>
> Please write me in detail since I'm relative new to Linux.
>
> Thank you in advance
>
> Zsolt Csillag
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:
http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org